While everyone understandably raises alarms about the possible impact of a ransomware attack, let us never forget that simple, stupid, careless, willful, or just human errors can create significant safety risks for people. A foster family in Missouri is raising concerns about what may be two separate breaches that pose safety risks to them and…
Category: Exposure
QR codes temporarily removed from Sask. COVID-19 vaccine records due to ‘privacy breach’
Kelly Skjerven reports: QR codes are being temporarily removed from residents’ COVID-19 vaccination records due to a situation that eHealth Saskatchewan is treating as a privacy breach. A Saskatchewan government release said they were alerted to an issue downloading patient QR codes. “IT has identified that the COVID-19 vaccination records of up to 19 residents have the potential of…
UK: Second MOD data breach uncovered putting safety of Afghan interpreters at risk
Lizzy Buchan reports that there was a second email gaffe that exposed additional Afghan interpreters. Once again, it seems, email addresses were visible to all addressees instead of being in the blind-copied fields. Some 55 people’s details were revealed, according to the BBC. The disastrous blunder comes after Defence Secretary Ben Wallace was forced to…
Oops? RaidForums data marketplace accidentally exposes private staff page
Ax Sharma reports: RaidForums is an underground place where private databases obtained from data breaches, vulnerability exploits, and credit card information sets are illegally traded by threat actors, or sometimes leaked for free. On RaidForums, the “Staff General” section is typically restricted to internal staff members only, but in an ironic twist of fate, this private section was accidentally left open for viewing by…
Afghanistan: Investigation launched into interpreter data breach
Today’s reminder that even the leak of an email address can put someone’s life at risk. Phil Kemp, Lucy Manning, and Ed Campbell report: Defence Secretary Ben Wallace has ordered an investigation into a data breach involving the email addresses of dozens of Afghan interpreters who worked for British forces. More than 250 people seeking…
EventBuilder misconfiguration exposed event registrants’ information
If you ever used EventBuilder to register as an attendee at an event, then you may be among those whose personal information has been exposed in a leak estimated to have affected more than 100,000 people. The leak was spotted by Bob Diachenko and responsibly disclosed by Diachenko and Clario Tech according to a new report…